Speaker
Description
Abstract
We have defended our position (cf. expat BoF) to standardize the attested TLS protocol in the IETF, and a new Working Group named Secure Evidence and Attestation Layer (SEAL) is being formed to exclusively tackle this specific problem. We would like to present the work (candidate draft for standardization) and gather feedback from the security community on the desired security goals, so that feedback can be accommodated in the standardization.
Background
Transport Layer Security (TLS) is a widely used protocol for secure channel establishment. However, it lacks an inherent mechanism for validating the security state of the workload and its platform. To address this, remote attestation can be integrated into TLS, which is named attested TLS protocol. In this talk, we present an overview of the three approaches for this integration, namely pre-handshake attestation, intra-handshake attestation, and post-handshake attestation. We also present insights from the Formal Verification using the state-of-the-art symbolic security analysis tool ProVerif to provide high confidence for use in security-critical applications.
Current project partners include Arm, Linaro, Siemens, Huawei, Intuit, Axis, Bonn-Rhein-Sieg University of Applied Sciences, and Barkhausen Institut. By this talk, we hope to inspire more open-source contributors to this project.
The attendees will gain technical insights into the latest developments of standardization of attested TLS protocols in the IETF and will be able to provide feedback on the requirements for their use cases of attestation for confidential computing.
Benefits to the ecosystem
Our thorough analysis shows that pre-handshake attestation is potentially vulnerable to replay, relay, and diversion attacks. On the other hand, intra-handshake attestation is potentially vulnerable to relay and diversion attacks. While post-handshake attestation results in slightly high latency, it offers better security properties than the other two options, forming a valuable contribution to the TEE attestation ecosystem.
In a nutshell, to provide more robust security guarantees, all applications can replace standard TLS with attested TLS.